Schafkopf-Server/Sources/App/routes.swift

import Vapor

private let encoder = JSONEncoder()

func routes(_ app: Application) throws {
    app.get { req in
        return "It works!"
    }

    app.post("create", "user", ":name", ":hash") { req -> String in
        guard let name = req.parameters.get("name"),
              let hash = req.parameters.get("hash") else {
            throw Abort(.badRequest)
        }
        let digest = try req.password.hash(hash)

        guard !database.has(user: name) else {
            throw Abort(.conflict)
        }
        let token = database.add(user: name, hash: digest)
        return token
    }

    app.get("create", "session", ":name", ":hash") { req -> String in
        guard let name = req.parameters.get("name"),
              let hash = req.parameters.get("hash") else {
            throw Abort(.badRequest)
        }
        guard let digest = database.hash(ofUser: name),
              try req.password.verify(hash, created: digest) else {
            throw Abort(.forbidden)
        }
        let token = database.startSession(forUser: name)
        return token
    }

    app.get("session", "resume", ":token") { req -> String in
        guard let token = req.parameters.get("token") else {
            throw Abort(.badRequest)
        }
        guard let user = database.user(forToken: token) else {
            throw Abort(.forbidden)
        }
        return user
    }

    // TODO: Improve token handling (it will be logged when included in url!)
    app.get("create", "table", ":visibility", ":name", ":token") { req -> String in
        guard let name = req.parameters.get("name"),
              let token = req.parameters.get("token"),
              let visibility = req.parameters.get("visibility") else {
            throw Abort(.badRequest)
        }
        let isVisible: Bool
        if visibility == "private" {
            isVisible = false
        } else if visibility == "public" {
            isVisible = true
        } else {
            throw Abort(.badRequest)
        }

        guard let user = database.user(forToken: token) else {
            throw Abort(.forbidden)
        }
        guard !database.tableExists(named: name) else {
            throw Abort(.conflict)
        }
        let tableId = database.createTable(named: name, player: user, visible: isVisible)
        return tableId
    }

    app.get("tables", "public", ":token") { req -> String in
        guard let token = req.parameters.get("token") else {
            throw Abort(.badRequest)
        }
        guard let _ = database.user(forToken: token) else {
            throw Abort(.forbidden)
        }
        let list = database.getPublicTableInfos()
        return try encoder.encode(list).base64EncodedString()
    }

    app.post("table", "join", ":table", ":token") { req -> String in
        guard let table = req.parameters.get("table"),
              let token = req.parameters.get("token") else {
            throw Abort(.badRequest)
        }
        guard let player = database.user(forToken: token) else {
            throw Abort(.forbidden)
        }
        guard database.tableExists(withId: table) else {
            throw Abort(.notFound)
        }
        guard !database.tableIsFull(withId: table) else {
            throw Abort(.notAcceptable)
        }
        database.join(tableId: table, player: player)
        return ""
    }
}